Cisco Firewall Port Forwarding
Jan20

Cisco Firewall Port Forwarding

KB ID 0000077 Problem Note: This is for Cisco ASA 5500, 5500-x, and Cisco Firepower devices running ASA Code. Note2: If your firewall is running a version older than 8.3 you will need to scroll down the page. Port forwarding on Cisco firewalls can be a little difficult to get your head around, to better understand what is going on remember in the “World of Cisco” you need to remember two things….. 1. NAT Means...

Read More
Cisco ASA 8.2 Upgrade to 8.3
Nov15

Cisco ASA 8.2 Upgrade to 8.3

KB ID 0001366 Problem I can’t believe I’m writing this, it’s been so long since 8.3 was released (7 Years!) And still there’s firewalls out there running old code? Why is the 8.3 upgrade important? This update made some very major changes to the way we did NAT, and also the way we wrote ACL’s. It was a big change. I remember keeping my client firewalls on 8.2 for a while until I fully understood the...

Read More
ASA 5500 Adding a DMZ Step By Step
Nov17

ASA 5500 Adding a DMZ Step By Step

KB ID 0000316  Problem Assuming you have a working ASA 5500 and you want to add a DMZ to it, this is the process. Assumptions 1. Networks, a. Inside network is 10.1.0.0 255.255.0.0 b. Outside network is 123.123.123.120 255.255.255.248 c. DMZ network is 172.16.1.0 255.255.0.0 2. Interfaces, a. Inside Interface is 10.1.0.254 b. Outside Interface is 172.16.1.254 c. DMZ Interface is 172.16.1.254 3. The Web server in the DMZ will have the...

Read More
Allow access to VMware View through Cisco ASA 5500
Nov17

Allow access to VMware View through Cisco ASA 5500

KB ID 0000545  Problem To access VMware View though a firewall you need the following ports to be open; TCP Port 80 (http/www) TCP Port 443 (https/ssl) TCP Port 4172 (PCoIP) UDP Port 4172 (PCoIP) In the following example I’m using 192.168.1.100 as the internal IP address of the View Server and the public IP address of the firewall is 123.123.123.123. Which solution you use, depends on weather you are allowing access via a...

Read More
Cisco ASA 5500 Active/Standby – Zero Downtime Upgrade
Nov17

Cisco ASA 5500 Active/Standby – Zero Downtime Upgrade

KB ID 0000733 Problem You have two ASA firewalls deployed in Active/Standby failover configuration, and need to upgrade either the operating system or the ASDM. As you already have a high availability solution you do not want any downtime. Before we start, we need to make sure we know the difference between primary, secondary, active and standby. From the rear (Active=Green, Standby=Amber) The Primary and Secondary firewalls are...

Read More